Skip to main content

Get Current User of Drupal 9 Externally

You have a stand-alone application that is not a Drupal module but resides in a Drupal sub-folder. And you want Drupal to manage your users. You want to access the currently logged-in Drupal user from your application. The following function will give you the current  user id, name, email and roles:

use Drupal\Core\DrupalKernel;
use Symfony\Component\HttpFoundation\Request;

/**
 * Get Drupal current session user details.
 * Passing Drupal folder, or its relative folder such as '..'
 * when it is called from a Drupal sub-folder.
 * Return ['id', 'name', 'email', 'roles']
 */
function get_drupal_current_user($drupal_dir) {
	// Change the directory to the Drupal root.
	chdir($drupal_dir);
	$drupal_root = getcwd();

	if ($drupal_root === false)
		return [];

	$autoloader = require_once 'autoload.php';

	$kernel = new DrupalKernel('prod', $autoloader);

	$request = Request::createFromGlobals();

	// Emulate Drupal /index.php to get the current user id
	$request->server->set("SCRIPT_FILENAME", $drupal_root . "/index.php");
	$request->server->set("REQUEST_URI", "/");
	$request->server->set("SCRIPT_NAME", "/index.php");
	$request->server->set("PHP_SELF", "/index.php");

	$response = $kernel->handle($request);
	
	$user_id = \Drupal::currentUser()->id();
	$acct = \Drupal\user\Entity\User::load($user_id);
	if ($acct != null) {
		$user_name = $acct->getDisplayName();
		$user_email = $acct->getEmail();
		$user_roles = $acct->getRoles();
	}
	else {
		$user_name = "";
		$user_email = "";
		$user_roles = [];
	}
	
	$kernel->terminate($request, $response);
	
	return ['id' => $user_id, 'name' => $user_name, 'email' => $user_email, 'roles' => $user_roles];
}

It emulates Drupal 9 index.php. It has to emulates index.php otherwise Drupal will create an anonymous session. Technically, you are already inside Drupal and you can call any Drupal function from within the code above.



Comments

Post a Comment

Popular posts from this blog

Setting Up PyScripter for Quantum GIS

PyScripter is a general purpose Python Integrated Development Environment (IDE). Quantum GIS (QGIS) is a desktop GIS application that can be extended with Python plugins. Both are open source softwares. We intend to use PyScripter as an IDE to build QGIS Python plugin. We are using PyScripter 2.4.1.0 and QGIS 1.6.0 in Windows. PyScripter does not come with Python. On the other hand, QGIS is built in with Python. Thus, we will setup up PyScripter to use the build in Python in QGIS. We assume both PyScripter and QGIS are already installed. Preparing PyScripter batch file We assume that QGIS is installed in C:\OSGeo4W\ folder and PyScripter is installed in C:\Program Files\PyScripter\ . 1. Copy qgis.bat in C:\OSGeo4W\ bin to pyscripter.bat 2. Edit pyscripter.bat to remove the last line that read something like this start "Quantum GIS" /B "%OSGEO4W_ROOT%"\apps\qgis\bin\qgis.exe %* and replace it with this in one line Start "PyScripter" /B "C:\Progr...
8 comments
Read more

Everything has a Signature

Every data has a signature  which can be derived mathematically. All data of any size can be digested into fixed-size signatures. The signatures can be used to identify the data. Unique data has unique signature. Cryptographic hashing is a mathematical technique to hash or digest a data to reveal its signature. Digesting the same data always produce the same signature. Any minor change on the data will produce significantly different signature. A changed data is a different data. Data signature, hashing or digesting makes it possible for the data to be represented by its signature into a subsequent signing by combining it with one or more data signatures to produce a new signature representing a larger data set. Eventually, all data can be digested in chunks to produce a single signature. A signature can be verified by hashing the same data again which will produce the same signature. This introduces data signing-verification concept. In a communication between two parties, ...
Post a Comment
Read more

Access Control

Access control is about controlling user flow within your application. Do not mistaken access control with security which is a bigger subject in itself. Access control begins by authenticating user and limit his or her activity in your application. An activity is something like creating, updating or deleting a content. There are always finite number of activities that can be done in a given application. Each user can be assigned to a set of activities that he or she is allowed to do. Access control is usually tied to session management. However, you do not need session management to have access control. When a user log in, a session is created so that the user is remembered for the subsequent access. Otherwise the user has to keep on providing his or her credential for each access. We can also keep a list of activities that the user is allowed to do in the session record. Some applications let the session alive indefinitely and some applications time out user after a duration of inacti...
Post a Comment
Read more